0989d85602e53f9fd5e3e05a58a77452_JaffaCakes118

General

Target

0989d85602e53f9fd5e3e05a58a77452_JaffaCakes118
Size

288KB
MD5

0989d85602e53f9fd5e3e05a58a77452
SHA1

9b291893c55dab84e8bafe59d648c41649201440
SHA256

6b1f2c0167a054ea88e0b437c4fcfa1365f7affb038bd438a684a12842090da7
SHA512

f3796d334aafc0123e873cfd6ab46f59e44a34d342a282f561731ea03ac0fc27efe7fecc52d20436070596454dcfe401c967977975806c24905282f971a4c35b
SSDEEP

6144:rLqwwOiL3irbQAcBKp5VAI6+GE4nqc2XOLAhmi4Lb7NA5pQoM:rLbwhL36Vca5E+GEwqcyZhYAy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0989d85602e53f9fd5e3e05a58a77452_JaffaCakes118

Files

0989d85602e53f9fd5e3e05a58a77452_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b782c5735f62525630d1a1c753dc3fa8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringW
LoadResource
ResetEvent
GlobalFree
WideCharToMultiByte
FileTimeToSystemTime
DeleteFileW
lstrlenW
ExitProcess
FreeLibrary
GetModuleHandleW
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualFree
VirtualProtect
GetFileAttributesExW
FindFirstFileW
SetEndOfFile
GetCurrentProcess
FindResourceW
GlobalDeleteAtom
InterlockedDecrement
VirtualAlloc
CreateEventW
GetDriveTypeW
DuplicateHandle
CreateWaitableTimerW
GlobalLock
GetCurrentThread
FindNextChangeNotification
GetUserDefaultLangID
LockResource
ReadProcessMemory
QueryDosDeviceW
GetProcAddress

user32

RegisterClassExW
SetForegroundWindow
LoadStringW
SetCapture
UpdateWindow
DestroyMenu
CreateWindowExW
LoadCursorW
SetCursorPos
SetWindowTextW
GetSysColor
SystemParametersInfoW
GetWindowRect
RegisterHotKey
TrackPopupMenu
FillRect
LoadImageW
GetWindowThreadProcessId
GetParent
DestroyIcon
RedrawWindow
GetKeyState
DefWindowProcW
PostMessageW
SetDlgItemTextW
GetDlgItem
GetSystemMetrics
DialogBoxParamW
IsWindow

gdi32

CreateDCW
CreatePen
CreateCompatibleBitmap
SetBkMode
DeleteDC
GetObjectW
SetTextColor
GetClipBox
SetBkColor
CreateICW
SetDIBits
CreateCompatibleDC
GetStockObject

advapi32

LookupAccountSidW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
SetSecurityDescriptorDacl

Sections

.text
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b782c5735f62525630d1a1c753dc3fa8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 256KB - Virtual size: 252KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 21KB

.text
Size: 256KB - Virtual size: 252KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 21KB